idnits 2.17.1 draft-ietf-ippm-ioam-data-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (June 27, 2018) is 2120 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Looks like a reference, but probably isn't: '0' on line 538 -- Looks like a reference, but probably isn't: '1' on line 390 == Missing Reference: 'IEEE1588' is mentioned on line 1069, but not defined -- Possible downref: Non-RFC (?) normative reference: ref. 'IEEE1588v2' -- Possible downref: Non-RFC (?) normative reference: ref. 'POSIX' == Outdated reference: A later version (-09) exists of draft-ietf-ntp-packet-timestamps-02 == Outdated reference: A later version (-16) exists of draft-ietf-nvo3-geneve-06 == Outdated reference: A later version (-13) exists of draft-ietf-nvo3-vxlan-gpe-06 == Outdated reference: A later version (-07) exists of draft-spiegel-ippm-ioam-rawexport-00 Summary: 0 errors (**), 0 flaws (~~), 6 warnings (==), 5 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 ippm F. Brockners 3 Internet-Draft S. Bhandari 4 Intended status: Standards Track C. Pignataro 5 Expires: December 29, 2018 Cisco 6 H. Gredler 7 RtBrick Inc. 8 J. Leddy 9 Comcast 10 S. Youell 11 JPMC 12 T. Mizrahi 13 Marvell 14 D. Mozes 16 P. Lapukhov 17 Facebook 18 R. Chang 19 Barefoot Networks 20 D. Bernier 21 Bell Canada 22 J. Lemon 23 Broadcom 24 June 27, 2018 26 Data Fields for In-situ OAM 27 draft-ietf-ippm-ioam-data-03 29 Abstract 31 In-situ Operations, Administration, and Maintenance (IOAM) records 32 operational and telemetry information in the packet while the packet 33 traverses a path between two points in the network. This document 34 discusses the data fields and associated data types for in-situ OAM. 35 In-situ OAM data fields can be embedded into a variety of transports 36 such as NSH, Segment Routing, Geneve, native IPv6 (via extension 37 header), or IPv4. In-situ OAM can be used to complement OAM 38 mechanisms based on e.g. ICMP or other types of probe packets. 40 Status of This Memo 42 This Internet-Draft is submitted in full conformance with the 43 provisions of BCP 78 and BCP 79. 45 Internet-Drafts are working documents of the Internet Engineering 46 Task Force (IETF). Note that other groups may also distribute 47 working documents as Internet-Drafts. The list of current Internet- 48 Drafts is at http://datatracker.ietf.org/drafts/current/. 50 Internet-Drafts are draft documents valid for a maximum of six months 51 and may be updated, replaced, or obsoleted by other documents at any 52 time. It is inappropriate to use Internet-Drafts as reference 53 material or to cite them other than as "work in progress." 55 This Internet-Draft will expire on December 29, 2018. 57 Copyright Notice 59 Copyright (c) 2018 IETF Trust and the persons identified as the 60 document authors. All rights reserved. 62 This document is subject to BCP 78 and the IETF Trust's Legal 63 Provisions Relating to IETF Documents 64 (http://trustee.ietf.org/license-info) in effect on the date of 65 publication of this document. Please review these documents 66 carefully, as they describe your rights and restrictions with respect 67 to this document. Code Components extracted from this document must 68 include Simplified BSD License text as described in Section 4.e of 69 the Trust Legal Provisions and are provided without warranty as 70 described in the Simplified BSD License. 72 Table of Contents 74 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 75 2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3 76 3. Scope, Applicability, and Assumptions . . . . . . . . . . . . 4 77 4. IOAM Data Types and Formats . . . . . . . . . . . . . . . . . 5 78 4.1. IOAM Tracing Options . . . . . . . . . . . . . . . . . . 6 79 4.1.1. Pre-allocated and Incremental Trace Options . . . . . 8 80 4.1.2. IOAM node data fields and associated formats . . . . 12 81 4.1.3. Examples of IOAM node data . . . . . . . . . . . . . 17 82 4.2. IOAM Proof of Transit Option . . . . . . . . . . . . . . 19 83 4.2.1. IOAM Proof of Transit Type 0 . . . . . . . . . . . . 20 84 4.3. IOAM Edge-to-Edge Option . . . . . . . . . . . . . . . . 22 85 5. Timestamp Formats . . . . . . . . . . . . . . . . . . . . . . 23 86 5.1. PTP Truncated Timestamp Format . . . . . . . . . . . . . 23 87 5.2. NTP 64-bit Timestamp Format . . . . . . . . . . . . . . . 25 88 5.3. POSIX-based Timestamp Format . . . . . . . . . . . . . . 26 89 6. IOAM Data Export . . . . . . . . . . . . . . . . . . . . . . 27 90 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 28 91 7.1. Creation of a new In-Situ OAM Protocol Parameters 92 Registry (IOAM) Protocol Parameters IANA registry . . . . 28 93 7.2. IOAM Type Registry . . . . . . . . . . . . . . . . . . . 28 94 7.3. IOAM Trace Type Registry . . . . . . . . . . . . . . . . 29 95 7.4. IOAM Trace Flags Registry . . . . . . . . . . . . . . . . 29 96 7.5. IOAM POT Type Registry . . . . . . . . . . . . . . . . . 29 97 7.6. IOAM POT Flags Registry . . . . . . . . . . . . . . . . . 29 98 7.7. IOAM E2E Type Registry . . . . . . . . . . . . . . . . . 29 99 8. Security Considerations . . . . . . . . . . . . . . . . . . . 29 100 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 30 101 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 31 102 10.1. Normative References . . . . . . . . . . . . . . . . . . 31 103 10.2. Informative References . . . . . . . . . . . . . . . . . 31 104 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 33 106 1. Introduction 108 This document defines data fields for "in-situ" Operations, 109 Administration, and Maintenance (IOAM). In-situ OAM records OAM 110 information within the packet while the packet traverses a particular 111 network domain. The term "in-situ" refers to the fact that the OAM 112 data is added to the data packets rather than is being sent within 113 packets specifically dedicated to OAM. IOAM is to complement 114 mechanisms such as Ping or Traceroute, or more recent active probing 115 mechanisms as described in [I-D.lapukhov-dataplane-probe]. In terms 116 of "active" or "passive" OAM, "in-situ" OAM can be considered a 117 hybrid OAM type. While no extra packets are sent, IOAM adds 118 information to the packets therefore cannot be considered passive. 119 In terms of the classification given in [RFC7799] IOAM could be 120 portrayed as Hybrid Type 1. "In-situ" mechanisms do not require 121 extra packets to be sent and hence don't change the packet traffic 122 mix within the network. IOAM mechanisms can be leveraged where 123 mechanisms using e.g. ICMP do not apply or do not offer the desired 124 results, such as proving that a certain traffic flow takes a pre- 125 defined path, SLA verification for the live data traffic, detailed 126 statistics on traffic distribution paths in networks that distribute 127 traffic across multiple paths, or scenarios in which probe traffic is 128 potentially handled differently from regular data traffic by the 129 network devices. 131 2. Conventions 133 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 134 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 135 document are to be interpreted as described in [RFC2119]. 137 Abbreviations used in this document: 139 E2E Edge to Edge 141 Geneve: Generic Network Virtualization Encapsulation 142 [I-D.ietf-nvo3-geneve] 144 IOAM: In-situ Operations, Administration, and Maintenance 145 MTU: Maximum Transmit Unit 147 NSH: Network Service Header [I-D.ietf-sfc-nsh] 149 OAM: Operations, Administration, and Maintenance 151 POT: Proof of Transit 153 SFC: Service Function Chain 155 SID: Segment Identifier 157 SR: Segment Routing 159 VXLAN-GPE: Virtual eXtensible Local Area Network, Generic Protocol 160 Extension [I-D.ietf-nvo3-vxlan-gpe] 162 3. Scope, Applicability, and Assumptions 164 IOAM deployment assumes a set of constraints, requirements, and 165 guiding principles which are described in this section. 167 Scope: This document defines the data fields and associated data 168 types for in-situ OAM. The in-situ OAM data field can be transported 169 by a variety of transport protocols, including NSH, Segment Routing, 170 Geneve, IPv6, or IPv4. Specification details for these different 171 transport protocols are outside the scope of this document. 173 Deployment domain (or scope) of in-situ OAM deployment: IOAM is a 174 network domain focused feature, with "network domain" being a set of 175 network devices or entities within a single administration. For 176 example, a network domain can include an enterprise campus using 177 physical connections between devices or an overlay network using 178 virtual connections / tunnels for connectivity between said devices. 179 A network domain is defined by its perimeter or edge. Designers of 180 carrier protocols for IOAM must specify mechanisms to ensure that 181 IOAM data stays within an IOAM domain. In addition, the operator of 182 such a domain is expected to put provisions in place to ensure that 183 IOAM data does not leak beyond the edge of an IOAM domain, e.g. using 184 for example packet filtering methods. The operator should consider 185 potential operational impact of IOAM to mechanisms such as ECMP 186 processing (e.g. load-balancing schemes based on packet length could 187 be impacted by the increased packet size due to IOAM), path MTU (i.e. 188 ensure that the MTU of all links within a domain is sufficiently 189 large to support the increased packet size due to IOAM) and ICMP 190 message handling (i.e. in case of a native IPv6 transport, IOAM 191 support for ICMPv6 Echo Request/Reply could desired which would 192 translate into ICMPv6 extensions to enable IOAM data fields to be 193 copied from an Echo Request message to an Echo Reply message). 195 IOAM control points: IOAM data fields are added to or removed from 196 the live user traffic by the devices which form the edge of a domain. 197 Devices within an IOAM domain can update and/or add IOAM data-fields. 198 Domain edge devices can be hosts or network devices. 200 Traffic-sets that IOAM is applied to: IOAM can be deployed on all or 201 only on subsets of the live user traffic. It SHOULD be possible to 202 enable IOAM on a selected set of traffic (e.g., per interface, based 203 on an access control list or flow specification defining a specific 204 set of traffic, etc.) The selected set of traffic can also be all 205 traffic. 207 Encapsulation independence: Data formats for IOAM SHOULD be defined 208 in a transport-independent manner. IOAM applies to a variety of 209 encapsulating protocols. A definition of how IOAM data fields are 210 carried by different transport protocols is outside the scope of this 211 document. 213 Layering: If several encapsulation protocols (e.g., in case of 214 tunneling) are stacked on top of each other, IOAM data-records could 215 be present at every layer. The behavior follows the ships-in-the- 216 night model, i.e. IOAM data in one layer is independent from IOAM 217 data in another layer. Layering allows operators to instrument the 218 protocol layer they want to measure. The different layers could, but 219 do not have to share the same IOAM encapsulation and decapsulation. 221 Combination with active OAM mechanisms: IOAM should be usable for 222 active network probing, enabling for example a customized version of 223 traceroute. Decapsulating IOAM nodes may have an ability to send the 224 IOAM information retrieved from the packet back to the source address 225 of the packet or to the encapsulating node. 227 IOAM implementation: The IOAM data-field definitions take the 228 specifics of devices with hardware data-plane and software data-plane 229 into account. 231 4. IOAM Data Types and Formats 233 This section defines IOAM data types and data fields and associated 234 data types required for IOAM. 236 To accommodate the different uses of IOAM, IOAM data fields fall into 237 different categories, e.g. edge-to-edge, per node tracing, or for 238 proof of transit. In IOAM these categories are referred to as IOAM- 239 Types. A common registry is maintained for IOAM-Types, see 240 Section 7.2 for details. Corresponding to these IOAM-Types, 241 different IOAM data fields are defined. IOAM data fields can be 242 encapsulated into a variety of protocols, such as NSH, Geneve, IPv6, 243 etc. The definition of how IOAM data fields are encapsulated into 244 other protocols is outside the scope of this document. 246 IOAM is expected to be deployed in a specific domain rather than on 247 the overall Internet. The part of the network which employs IOAM is 248 referred to as the "IOAM-domain". IOAM data is added to a packet 249 upon entering the IOAM-domain and is removed from the packet when 250 exiting the domain. Within the IOAM-domain, the IOAM data may be 251 updated by network nodes that the packet traverses. The device which 252 adds an IOAM data container to the packet to capture IOAM data is 253 called the "IOAM encapsulating node", whereas the device which 254 removes the IOAM data container is referred to as the "IOAM 255 decapsulating node". Nodes within the domain which are aware of IOAM 256 data and read and/or write or process the IOAM data are called "IOAM 257 transit nodes". IOAM nodes which add or remove the IOAM data 258 container can also update the IOAM data fields at the same time. Or 259 in other words, IOAM encapsulation or decapsulating nodes can also 260 serve as IOAM transit nodes at the same time. Note that not every 261 node in an IOAM domain needs to be an IOAM transit node. For 262 example, a Segment Routing deployment might require the segment 263 routing path to be verified. In that case, only the SR nodes would 264 also be IOAM transit nodes rather than all nodes. 266 4.1. IOAM Tracing Options 268 "IOAM tracing data" is expected to be collected at every node that a 269 packet traverses to ensure visibility into the entire path a packet 270 takes within an IOAM domain, i.e., in a typical deployment all nodes 271 in an in-situ OAM-domain would participate in IOAM and thus be IOAM 272 transit nodes, IOAM encapsulating or IOAM decapsulating nodes. If 273 not all nodes within a domain are IOAM capable, IOAM tracing 274 information will only be collected on those nodes which are IOAM 275 capable. Nodes which are not IOAM capable will forward the packet 276 without any changes to the IOAM data fields. The maximum number of 277 hops and the minimum path MTU of the IOAM domain is assumed to be 278 known. 280 To optimize hardware and software implementations tracing is defined 281 as two separate options. Any deployment MAY choose to configure and 282 support one or both of the following options. An implementation of 283 the transport protocol that carries these in-situ OAM data MAY choose 284 to support only one of the options. In the event that both options 285 are utilized at the same time, the Incremental Trace Option MUST be 286 placed before the Pre-allocated Trace Option. Given that the 287 operator knows which equipment is deployed in a particular IOAM, the 288 operator will decide by means of configuration which type(s) of trace 289 options will be enabled for a particular domain. 291 Pre-allocated Trace Option: This trace option is defined as a 292 container of node data fields with pre-allocated space for each 293 node to populate its information. This option is useful for 294 software implementations where it is efficient to allocate the 295 space once and index into the array to populate the data during 296 transit. The IOAM encapsulating node allocates the option header 297 and sets the fields in the option header. The in situ OAM 298 encapsulating node allocates an array which is used to store 299 operational data retrieved from every node while the packet 300 traverses the domain. IOAM transit nodes update the content of 301 the array. A pointer which is part of the IOAM trace data points 302 to the next empty slot in the array, which is where the next IOAM 303 transit node fills in its data. 305 Incremental Trace Option: This trace option is defined as a 306 container of node data fields where each node allocates and pushes 307 its node data immediately following the option header. This type 308 of trace recording is useful for some of the hardware 309 implementations as this eliminates the need for the transit 310 network elements to read the full array in the option and allows 311 for arbitrarily long packets as the MTU allows. The in-situ OAM 312 encapsulating node allocates the option header. The in-situ OAM 313 encapsulating node based on operational state and configuration 314 sets the fields in the header that control what node data fields 315 should be collected, and how large the node data list can grow. 316 The in-situ OAM transit nodes push their node data to the node 317 data list, decrease the remaining length available to subsequent 318 nodes, and adjust the lengths and possibly checksums in outer 319 headers. 321 Every node data entry is to hold information for a particular IOAM 322 transit node that is traversed by a packet. The in-situ OAM 323 decapsulating node removes the IOAM data and processes and/or exports 324 the metadata. IOAM data uses its own name-space for information such 325 as node identifier or interface identifier. This allows for a 326 domain-specific definition and interpretation. For example: In one 327 case an interface-id could point to a physical interface (e.g., to 328 understand which physical interface of an aggregated link is used 329 when receiving or transmitting a packet) whereas in another case it 330 could refer to a logical interface (e.g., in case of tunnels). 332 The following IOAM data is defined for IOAM tracing: 334 o Identification of the IOAM node. An IOAM node identifier can 335 match to a device identifier or a particular control point or 336 subsystem within a device. 338 o Identification of the interface that a packet was received on, 339 i.e. ingress interface. 341 o Identification of the interface that a packet was sent out on, 342 i.e. egress interface. 344 o Time of day when the packet was processed by the node. Different 345 definitions of processing time are feasible and expected, though 346 it is important that all devices of an in-situ OAM domain follow 347 the same definition. 349 o Generic data: Format-free information where syntax and semantic of 350 the information is defined by the operator in a specific 351 deployment. For a specific deployment, all IOAM nodes should 352 interpret the generic data the same way. Examples for generic 353 IOAM data include geo-location information (location of the node 354 at the time the packet was processed), buffer queue fill level or 355 cache fill level at the time the packet was processed, or even a 356 battery charge level. 358 o A mechanism to detect whether IOAM trace data was added at every 359 hop or whether certain hops in the domain weren't in-situ OAM 360 transit nodes. 362 The "node data list" array in the packet is populated iteratively as 363 the packet traverses the network, starting with the last entry of the 364 array, i.e., "node data list [n]" is the first entry to be populated, 365 "node data list [n-1]" is the second one, etc. 367 4.1.1. Pre-allocated and Incremental Trace Options 369 The in-situ OAM pre-allocated trace option and the in-situ OAM 370 incremental trace option have similar formats. Except where noted 371 below, the internal formats and fields of the two trace options are 372 identical. 374 Pre-allocated and incremental trace option headers: 376 0 1 2 3 377 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 378 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 379 | IOAM-Trace-Type | NodeLen | Flags |RemainingLen | 380 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 382 The trace option data MUST be 4-octet aligned: 384 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+ 385 | | | 386 | node data list [0] | | 387 | | | 388 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ D 389 | | a 390 | node data list [1] | t 391 | | a 392 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 393 ~ ... ~ S 394 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ p 395 | | a 396 | node data list [n-1] | c 397 | | e 398 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 399 | | | 400 | node data list [n] | | 401 | | | 402 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+ 404 IOAM-Trace-Type: A 16-bit identifier which specifies which data 405 types are used in this node data list. 407 The IOAM-Trace-Type value is a bit field. The following bit 408 fields are defined in this document, with details on each field 409 described in the Section 4.1.2. The order of packing the data 410 fields in each node data element follows the bit order of the 411 IOAM-Trace-Type field, as follows: 413 Bit 0 (Most significant bit) When set indicates presence of 414 Hop_Lim and node_id in the node data. 416 Bit 1 When set indicates presence of ingress_if_id and 417 egress_if_id (short format) in the node data. 419 Bit 2 When set indicates presence of timestamp seconds in the 420 node data. 422 Bit 3 When set indicates presence of timestamp subseconds in 423 the node data. 425 Bit 4 When set indicates presence of transit delay in the node 426 data. 428 Bit 5 When set indicates presence of app_data (short format) in 429 the node data. 431 Bit 6 When set indicates presence of queue depth in the node 432 data. 434 Bit 7 When set indicates presence of variable length Opaque 435 State Snapshot field. 437 Bit 8 When set indicates presence of Hop_Lim and node_id in 438 wide format in the node data. 440 Bit 9 When set indicates presence of ingress_if_id and 441 egress_if_id in wide format in the node data. 443 Bit 10 When set indicates presence of app_data wide in the node 444 data. 446 Bit 11 When set indicates presence of the Checksum Complement 447 node data. 449 Bit 12-15 Undefined. An IOAM encapsulating node must set the 450 value of each of these bits to 0. If an IOAM transit 451 node receives a packet with one or more of these bits set 452 to 1, it must either: 454 1. Add corresponding node data filled with the reserved 455 value 0xFFFFFFFF, after the node data fields for the 456 IOAM-Trace-Type bits defined above, such that the 457 total node data added by this node in units of 458 4-octets is equal to NodeLen, or 460 2. Not add any node data fields to the packet, even for 461 the IOAM-Trace-Type bits defined above. 463 Section 4.1.2 describes the IOAM data types and their formats. 464 Within an in-situ OAM domain possible combinations of these bits 465 making the IOAM-Trace-Type can be restricted by configuration 466 knobs. 468 NodeLen: 5-bit unsigned integer. This field specifies the length of 469 data added by each node in multiples of 4-octets, excluding the 470 length of the "Opaque State Snapshot" field. 472 If IOAM-Trace-Type bit 7 is not set, then NodeLen specifies the 473 actual length added by each node. If IOAM-Trace-Type bit 7 is 474 set, then the actual length added by a node would be (NodeLen + 475 Opaque Data Length). 477 For example, if 3 IOAM-Trace-Type bits are set and none of them 478 are wide, then NodeLen would be 3. If 3 IOAM-Trace-Type bits are 479 set and 2 of them are wide, then NodeLen would be 5. 481 An IOAM encapsulating node must set NodeLen. 483 A node receiving an IOAM Pre-allocated or Incremental Trace Option 484 may rely on the NodeLen value, or it may ignore the NodeLen value 485 and calculate the node length from the IOAM-Trace-Type bits. 487 Flags 4-bit field. Following flags are defined: 489 Bit 0 "Overflow" (O-bit) (most significant bit). This bit is set 490 by the network element if there is not enough number of octets 491 left to record node data, no field is added and the overflow 492 "O-bit" must be set to "1" in the header. This is useful for 493 transit nodes to ignore further processing of the option. 495 Bit 1 "Loopback" (L-bit). Loopback mode is used to send a copy 496 of a packet back towards the source. Loopback mode assumes 497 that a return path from transit nodes and destination nodes 498 towards the source exists. The encapsulating node decides 499 (e.g. using a filter) which packets loopback mode is enabled 500 for by setting the loopback bit. The encapsulating node also 501 needs to ensure that sufficient space is available in the IOAM 502 header for loopback operation. The loopback bit when set 503 indicates to the transit nodes processing this option to create 504 a copy of the packet received and send this copy of the packet 505 back to the source of the packet while it continues to forward 506 the original packet towards the destination. The source 507 address of the original packet is used as destination address 508 in the copied packet. The address of the node performing the 509 copy operation is used as the source address. The L-bit MUST 510 be cleared in the copy of the packet that a node sends back 511 towards the source. On its way back towards the source, the 512 packet is processed like a regular packet with IOAM 513 information. Once the return packet reaches the IOAM domain 514 boundary IOAM decapsulation occurs as with any other packet 515 containing IOAM information. 517 Bit 2-3 Reserved: Must be zero. 519 RemainingLen: 7-bit unsigned integer. This field specifies the data 520 space in multiples of 4-octets remaining for recording the node 521 data, before the node data list is considered to have overflowed. 522 When RemainingLen reaches 0, nodes are no longer allowed to add 523 node data. Given that the sender knows the minimum path MTU, the 524 sender MAY set the initial value of RemainingLen according to the 525 number of node data bytes allowed before exceeding the MTU. 526 Subsequent nodes can carry out a simple comparison between 527 RemainingLen and NodeLen, along with the length of the "Opaque 528 State Snapshot" if applicable, to determine whether or not data 529 can be added by this node. When node data is added, the node MUST 530 decrease RemainingLen by the amount of data added. In the pre- 531 allocated trace option, this is used as an offset in data space to 532 record the node data element. 534 Node data List [n]: Variable-length field. The type of which is 535 determined by the IOAM-Trace-Type bit representing the n-th node 536 data in the node data list. The node data list is encoded 537 starting from the last node data of the path. The first element 538 of the node data list (node data list [0]) contains the last node 539 of the path while the last node data of the node data list (node 540 data list[n]) contains the first node data of the path traced. In 541 the pre-allocated trace option, the index contained in 542 RemainingLen identifies the offset for current active node data to 543 be populated. 545 4.1.2. IOAM node data fields and associated formats 547 All the data fields MUST be 4-octet aligned. If a node which is 548 supposed to update an IOAM data field is not capable of populating 549 the value of a field set in the IOAM-Trace-Type, the field value MUST 550 be set to 0xFFFFFFFF for 4-octet fields or 0xFFFFFFFFFFFFFFFF for 551 8-octet fields, indicating that the value is not populated, except 552 when explicitly specified in the field description below. 554 Data field and associated data type for each of the data field is 555 shown below: 557 Hop_Lim and node_id: 4-octet field defined as follows: 559 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 560 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 561 | Hop_Lim | node_id | 562 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 563 Hop_Lim: 1-octet unsigned integer. It is set to the Hop Limit 564 value in the packet at the node that records this data. Hop 565 Limit information is used to identify the location of the node 566 in the communication path. This is copied from the lower 567 layer, e.g., TTL value in IPv4 header or hop limit field from 568 IPv6 header of the packet when the packet is ready for 569 transmission. The semantics of the Hop_Lim field depend on the 570 lower layer protocol that IOAM is encapsulated over, and 571 therefore its specific semantics are outside the scope of this 572 memo. 574 node_id: 3-octet unsigned integer. Node identifier field to 575 uniquely identify a node within in-situ OAM domain. The 576 procedure to allocate, manage and map the node_ids is beyond 577 the scope of this document. 579 ingress_if_id and egress_if_id: 4-octet field defined as follows: 581 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 582 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 583 | ingress_if_id | egress_if_id | 584 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 586 ingress_if_id: 2-octet unsigned integer. Interface identifier to 587 record the ingress interface the packet was received on. 589 egress_if_id: 2-octet unsigned integer. Interface identifier to 590 record the egress interface the packet is forwarded out of. 592 timestamp seconds: 4-octet unsigned integer. Absolute timestamp in 593 seconds that specifies the time at which the packet was received 594 by the node. This field has three possible formats; based on 595 either PTP [IEEE1588v2], NTP [RFC5905], or POSIX [POSIX]. The 596 three timestamp formats are specified in Section 5. In all three 597 cases, the Timestamp Seconds field contains the 32 most 598 significant bits of the timestamp format that is specified in 599 Section 5. If a node is not capable of populating this field, it 600 assigns the value 0xFFFFFFFF. Note that this is a legitimate 601 value that is valid for 1 second in approximately 136 years; the 602 analyzer should correlate several packets or compare the timestamp 603 value to its own time-of-day in order to detect the error 604 indication. 606 timestamp subseconds: 4-octet unsigned integer. Absolute timestamp 607 in subseconds that specifies the time at which the packet was 608 received by the node. This field has three possible formats; 609 based on either PTP [IEEE1588v2], NTP [RFC5905], or POSIX [POSIX]. 610 The three timestamp formats are specified in Section 5. In all 611 three cases, the Timestamp Subseconds field contains the 32 least 612 significant bits of the timestamp format that is specified in 613 Section 5. If a node is not capable of populating this field, it 614 assigns the value 0xFFFFFFFF. Note that this is a legitimate 615 value in the NTP format, valid for approximately 233 picoseconds 616 in every second. If the NTP format is used the analyzer should 617 correlate several packets in order to detect the error indication. 619 transit delay: 4-octet unsigned integer in the range 0 to 2^31-1. 620 It is the time in nanoseconds the packet spent in the transit 621 node. This can serve as an indication of the queuing delay at the 622 node. If the transit delay exceeds 2^31-1 nanoseconds then the 623 top bit 'O' is set to indicate overflow and value set to 624 0x80000000. When this field is part of the data field but a node 625 populating the field is not able to fill it, the field position in 626 the field must be filled with value 0xFFFFFFFF to mean not 627 populated. 629 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 630 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 631 |O| transit delay | 632 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 634 app_data: 4-octet placeholder which can be used by the node to add 635 application specific data. App_data represents a "free-format" 636 4-octet bit field with its semantics defined by a specific 637 deployment. 639 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 640 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 641 | app_data | 642 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 644 queue depth: 4-octet unsigned integer field. This field indicates 645 the current length of the egress interface queue of the interface 646 from where the packet is forwarded out. The queue depth is 647 expressed as the current number of memory buffers used by the 648 queue (a packet may consume one or more memory buffers, depending 649 on its size). 651 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 652 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 653 | queue depth | 654 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 656 Opaque State Snapshot: Variable length field. It allows the network 657 element to store an arbitrary state in the node data field , 658 without a pre-defined schema. The schema needs to be made known 659 to the analyzer by some out-of-band mechanism. The specification 660 of this mechanism is beyond the scope of this document. The 661 24-bit "Schema Id" field in the field indicates which particular 662 schema is used, and should be configured on the network element by 663 the operator. 665 0 1 2 3 666 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 667 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 668 | Length | Schema ID | 669 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 670 | | 671 | | 672 | Opaque data | 673 ~ ~ 674 . . 675 . . 676 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 678 Length: 1-octet unsigned integer. It is the length in multiples 679 of 4-octets of the Opaque data field that follows Schema Id. 681 Schema ID: 3-octet unsigned integer identifying the schema of 682 Opaque data. 684 Opaque data: Variable length field. This field is interpreted as 685 specified by the schema identified by the Schema ID. 687 When this field is part of the data field but a node populating 688 the field has no opaque state data to report, the Length must be 689 set to 0 and the Schema ID must be set to 0xFFFFFF to mean no 690 schema. 692 Hop_Lim and node_id wide: 8-octet field defined as follows: 694 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 695 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 696 | Hop_Lim | node_id ~ 697 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 698 ~ node_id (contd) | 699 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 701 Hop_Lim: 1-octet unsigned integer. It is set to the Hop Limit 702 value in the packet at the node that records this data. Hop 703 Limit information is used to identify the location of the node 704 in the communication path. This is copied from the lower layer 705 for e.g. TTL value in IPv4 header or hop limit field from IPv6 706 header of the packet. The semantics of the Hop_Lim field 707 depend on the lower layer protocol that IOAM is encapsulated 708 over, and therefore its specific semantics are outside the 709 scope of this memo. 711 node_id: 7-octet unsigned integer. Node identifier field to 712 uniquely identify a node within in-situ OAM domain. The 713 procedure to allocate, manage and map the node_ids is beyond 714 the scope of this document. 716 ingress_if_id and egress_if_id wide: 8-octet field defined as 717 follows: 719 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 720 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 721 | ingress_if_id | 722 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 723 | egress_if_id | 724 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 726 ingress_if_id: 4-octet unsigned integer. Interface identifier to 727 record the ingress interface the packet was received on. 729 egress_if_id: 4-octet unsigned integer. Interface identifier to 730 record the egress interface the packet is forwarded out of. 732 app_data wide: 8-octet placeholder which can be used by the node to 733 add application specific data. App data represents a "free- 734 format" 8-octed bit field with its semantics defined by a specific 735 deployment. 737 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 738 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 739 | app data ~ 740 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 741 ~ app data (contd) | 742 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 744 Checksum Complement: 4-octet node data which contains a two-octet 745 Checksum Complement field, and a 2-octet reserved field. The 746 Checksum Complement is useful when IOAM is transported over 747 encapsulations that make use of a UDP transport, such as VXLAN-GPE 748 or Geneve. Without the Checksum Complement, nodes adding IOAM 749 node data must update the UDP Checksum field. When the Checksum 750 Complement is present, an IOAM encapsulating node or IOAM transit 751 node adding node data MUST carry out one of the following two 752 alternatives in order to maintain the correctness of the UDP 753 Checksum value: 755 1. Recompute the UDP Checksum field. 757 2. Use the Checksum Complement to make a checksum-neutral update 758 in the UDP payload; the Checksum Complement is assigned a 759 value that complements the rest of the node data fields that 760 were added by the current node, causing the existing UDP 761 Checksum field to remain correct. 763 IOAM decapsulating nodes MUST recompute the UDP Checksum field, 764 since they do not know whether previous hops modified the UDP 765 Checksum field or the Checksum Complement field. 767 Checksum Complement fields are used in a similar manner in 768 [RFC7820] and [RFC7821]. 770 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 771 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 772 | Checksum Complement | Reserved | 773 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 775 4.1.3. Examples of IOAM node data 777 An entry in the "node data list" array can have different formats, 778 following the needs of the deployment. Some deployments might only 779 be interested in recording the node identifiers, whereas others might 780 be interested in recording node identifier and timestamp. The 781 section defines different types that an entry in "node data list" can 782 take. 784 0xD400: IOAM-Trace-Type is 0xD400 then the format of node data is: 786 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 787 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 788 | Hop_Lim | node_id | 789 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 790 | ingress_if_id | egress_if_id | 791 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 792 | timestamp subseconds | 793 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 794 | app_data | 795 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 797 0xC000: IOAM-Trace-Type is 0xC000 then the format is: 799 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 800 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 801 | Hop_Lim | node_id | 802 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 803 | ingress_if_id | egress_if_id | 804 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 806 0x9000: IOAM-Trace-Type is 0x9000 then the format is: 808 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 809 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 810 | Hop_Lim | node_id | 811 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 812 | timestamp subseconds | 813 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 815 0x8400: IOAM-Trace-Type is 0x8400 then the format is: 817 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 818 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 819 | Hop_Lim | node_id | 820 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 821 | app_data | 822 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 824 0x9400: IOAM-Trace-Type is 0x9400 then the format is: 826 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 827 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 828 | Hop_Lim | node_id | 829 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 830 | timestamp subseconds | 831 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 832 | app_data | 833 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 835 0x3180: IOAM-Trace-Type is 0x3180 then the format is: 837 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 838 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 839 | timestamp seconds | 840 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 841 | timestamp subseconds | 842 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 843 | Length | Schema Id | 844 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 845 | | 846 | | 847 | Opaque data | 848 ~ ~ 849 . . 850 . . 851 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 852 | Hop_Lim | node_id | 853 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 854 | node_id(contd) | 855 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 857 4.2. IOAM Proof of Transit Option 859 IOAM Proof of Transit data is to support the path or service function 860 chain [RFC7665] verification use cases. Proof-of-transit uses 861 methods like nested hashing or nested encryption of the IOAM data or 862 mechanisms such as Shamir's Secret Sharing Schema (SSSS). While 863 details on how the IOAM data for the proof of transit option is 864 processed at IOAM encapsulating, decapsulating and transit nodes are 865 outside the scope of the document, all of these approaches share the 866 need to uniquely identify a packet as well as iteratively operate on 867 a set of information that is handed from node to node. 868 Correspondingly, two pieces of information are added as IOAM data to 869 the packet: 871 o Random: Unique identifier for the packet (e.g., 64-bits allow for 872 the unique identification of 2^64 packets). 874 o Cumulative: Information which is handed from node to node and 875 updated by every node according to a verification algorithm. 877 IOAM proof of transit option: 879 IOAM proof of transit option header: 881 0 1 2 3 882 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 883 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 884 |IOAM POT Type | IOAM POT flags| Reserved | 885 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 887 IOAM proof of transit option data MUST be 4-octet aligned.: 889 0 1 2 3 890 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 891 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 892 | POT Option data field determined by IOAM-POT-Type | 893 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 895 IOAM POT Type: 8-bit identifier of a particular POT variant that 896 specifies the POT data that is included. This document defines 897 POT Type 0: 899 0: POT data is a 16 Octet field as described below. 901 IOAM POT flags: 8-bit. Following flags are defined: 903 Bit 0 "Profile-to-use" (P-bit) (most significant bit). For IOAM 904 POT types that use a maximum of two profiles to drive 905 computation, indicates which POT-profile is used. The two 906 profiles are numbered 0, 1. 908 Bit 1-7 Reserved: Must be set to zero upon transmission and 909 ignored upon receipt. 911 Reserved: 16-bit Reserved bits are present for future use. The 912 reserved bits Must be set to zero upon transmission and ignored 913 upon receipt. 915 POT Option data: Variable-length field. The type of which is 916 determined by the IOAM-POT-Type. 918 4.2.1. IOAM Proof of Transit Type 0 919 IOAM proof of transit option of IOAM POT Type 0: 921 0 1 2 3 922 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 923 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 924 |IOAM POT Type=0|P|R R R R R R R| Reserved | 925 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+ 926 | Random | | 927 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ P 928 | Random(contd) | O 929 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ T 930 | Cumulative | | 931 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 932 | Cumulative (contd) | | 933 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+ 935 IOAM POT Type: 8-bit identifier of a particular POT variant that 936 specifies the POT data that is included. This section defines the 937 POT data when the IOAM POT Type is set to the value 0. 939 P bit: 1-bit. "Profile-to-use" (P-bit) (most significant bit). 940 Indicates which POT-profile is used to generate the Cumulative. 941 Any node participating in POT will have a maximum of 2 profiles 942 configured that drive the computation of cumulative. The two 943 profiles are numbered 0, 1. This bit conveys whether profile 0 or 944 profile 1 is used to compute the Cumulative. 946 R (7 bits): 7-bit IOAM POT flags for future use. MUST be set to 947 zero upon transmission and ignored upon receipt. 949 Reserved: 16-bit Reserved bits are present for future use. The 950 reserved bits Must be set to zero upon transmission and ignored 951 upon receipt. 953 Random: 64-bit Per packet Random number. 955 Cumulative: 64-bit Cumulative that is updated at specific nodes by 956 processing per packet Random number field and configured 957 parameters. 959 Note: Larger or smaller sizes of "Random" and "Cumulative" data are 960 feasible and could be required for certain deployments (e.g. in case 961 of space constraints in the transport protocol used). Future 962 versions of this document will address different sizes of data for 963 "proof of transit". 965 4.3. IOAM Edge-to-Edge Option 967 The IOAM edge-to-edge option is to carry data that is added by the 968 IOAM encapsulating node and interpreted by IOAM decapsulating node. 969 The IOAM transit nodes MAY process the data without modifying it. 971 IOAM edge-to-edge option: 973 IOAM edge-to-edge option header: 975 0 1 2 3 976 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 977 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 978 | IOAM-E2E-Type | Reserved | 979 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 981 IOAM edge-to-edge option data MUST be 4-octet aligned: 983 0 1 2 3 984 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 985 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 986 | E2E Option data field determined by IOAM-E2E-Type | 987 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 989 IOAM-E2E-Type: A 16-bit identifier which specifies which data types 990 are used in the E2E option data. The IOAM-E2E-Type value is a bit 991 field. The order of packing the E2E option data field elements 992 follows the bit order of the IOAM-E2E-Type field, as follows: 994 Bit 0 (Most significant bit) When set indicates presence of a 995 64-bit sequence number added to a specific tube which is 996 used to detect packet loss, packet reordering, or packet 997 duplication for that tube. Each tube leverages a 998 dedicated namespace for its sequence numbers. 1000 Bit 1 When set indicates presence of a 32-bit sequence number 1001 added to a specific tube which is used to detect packet 1002 loss, packet reordering, or packet duplication for that 1003 tube. Each tube leverages a dedicated namespace for its 1004 sequence numbers. 1006 Bit 2 When set indicates presence of timestamp seconds for the 1007 transmission of the frame. This 4-octet field has three 1008 possible formats; based on either PTP [IEEE1588v2], NTP 1009 [RFC5905], or POSIX [POSIX]. The three timestamp formats 1010 are specified in Section 5. In all three cases, the 1011 Timestamp Seconds field contains the 32 most significant 1012 bits of the timestamp format that is specified in 1013 Section 5. If a node is not capable of populating this 1014 field, it assigns the value 0xFFFFFFFF. Note that this 1015 is a legitimate value that is valid for 1 second in 1016 approximately 136 years; the analyzer should correlate 1017 several packets or compare the timestamp value to its own 1018 time-of-day in order to detect the error indication. 1020 Bit 3 When set indicates presence of timestamp subseconds for 1021 the transmission of the frame. This 4-octet field has 1022 three possible formats; based on either PTP [IEEE1588v2], 1023 NTP [RFC5905], or POSIX [POSIX]. The three timestamp 1024 formats are specified in Section 5. In all three cases, 1025 the Timestamp Subseconds field contains the 32 least 1026 significant bits of the timestamp format that is 1027 specified in Section 5. If a node is not capable of 1028 populating this field, it assigns the value 0xFFFFFFFF. 1029 Note that this is a legitimate value in the NTP format, 1030 valid for approximately 233 picoseconds in every second. 1031 If the NTP format is used the analyzer should correlate 1032 several packets in order to detect the error indication. 1034 Bit 4-15 Undefined. An IOAM encapsulating node Must set the value 1035 of these bits to zero upon transmission and ignore upon 1036 receipt. 1038 Reserved: 16-bits Reserved bits are present for future use. The 1039 reserved bits Must be set to zero upon transmission and ignored 1040 upon receipt. 1042 E2E Option data: Variable-length field. The type of which is 1043 determined by the IOAM-E2E-Type. 1045 5. Timestamp Formats 1047 The IOAM data fields include a timestamp field which is represented 1048 in one of three possible timestamp formats. It is assumed that the 1049 management plane is responsible for determining which timestamp 1050 format is used. 1052 5.1. PTP Truncated Timestamp Format 1054 The Precision Time Protocol (PTP) [IEEE1588v2] uses an 80-bit 1055 timestamp format. The truncated timestamp format is a 64-bit field, 1056 which is the 64 least significant bits of the 80-bit PTP timestamp. 1057 The PTP truncated format is specified in Section 4.3 of 1058 [I-D.ietf-ntp-packet-timestamps], and the details are presented below 1059 for the sake of completeness. 1061 0 1 2 3 1062 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1063 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1064 | Seconds | 1065 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1066 | Nanoseconds | 1067 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1069 Figure 1: PTP [IEEE1588] Truncated Timestamp Format 1071 Timestamp field format: 1073 Seconds: specifies the integer portion of the number of seconds 1074 since the epoch. 1076 + Size: 32 bits. 1078 + Units: seconds. 1080 Nanoseconds: specifies the fractional portion of the number of 1081 seconds since the epoch. 1083 + Size: 32 bits. 1085 + Units: nanoseconds. The value of this field is in the range 0 1086 to (10^9)-1. 1088 Epoch: 1090 The PTP [IEEE1588v2] epoch is 1 January 1970 00:00:00 TAI, which 1091 is 31 December 1969 23:59:51.999918 UTC. 1093 Resolution: 1095 The resolution is 1 nanosecond. 1097 Wraparound: 1099 This time format wraps around every 2^32 seconds, which is roughly 1100 136 years. The next wraparound will occur in the year 2106. 1102 Synchronization Aspects: 1104 It is assumed that nodes that run this protocol are synchronized 1105 among themselves. Nodes may be synchronized to a global reference 1106 time. Note that if PTP [IEEE1588v2] is used for synchronization, 1107 the timestamp may be derived from the PTP-synchronized clock, 1108 allowing the timestamp to be measured with respect to the clock of 1109 an PTP Grandmaster clock. 1111 The PTP truncated timestamp format is not affected by leap 1112 seconds. 1114 5.2. NTP 64-bit Timestamp Format 1116 The Network Time Protocol (NTP) [RFC5905] timestamp format is 64 bits 1117 long. This format is specified in Section 4.2.1 of 1118 [I-D.ietf-ntp-packet-timestamps], and the details are presented below 1119 for the sake of completeness. 1121 0 1 2 3 1122 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1123 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1124 | Seconds | 1125 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1126 | Fraction | 1127 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1129 Figure 2: NTP [RFC5905] 64-bit Timestamp Format 1131 Timestamp field format: 1133 Seconds: specifies the integer portion of the number of seconds 1134 since the epoch. 1136 + Size: 32 bits. 1138 + Units: seconds. 1140 Fraction: specifies the fractional portion of the number of 1141 seconds since the epoch. 1143 + Size: 32 bits. 1145 + Units: the unit is 2^(-32) seconds, which is roughly equal to 1146 233 picoseconds. 1148 Epoch: 1150 The epoch is 1 January 1900 at 00:00 UTC. 1152 Resolution: 1154 The resolution is 2^(-32) seconds. 1156 Wraparound: 1158 This time format wraps around every 2^32 seconds, which is roughly 1159 136 years. The next wraparound will occur in the year 2036. 1161 Synchronization Aspects: 1163 Nodes that use this timestamp format will typically be 1164 synchronized to UTC using NTP [RFC5905]. Thus, the timestamp may 1165 be derived from the NTP-synchronized clock, allowing the timestamp 1166 to be measured with respect to the clock of an NTP server. 1168 The NTP timestamp format is affected by leap seconds; it 1169 represents the number of seconds since the epoch minus the number 1170 of leap seconds that have occurred since the epoch. The value of 1171 a timestamp during or slightly after a leap second may be 1172 temporarily inaccurate. 1174 5.3. POSIX-based Timestamp Format 1176 This timestamp format is based on the POSIX time format [POSIX]. The 1177 detailed specification of the timestamp format used in this document 1178 is presented below. 1180 0 1 2 3 1181 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1182 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1183 | Seconds | 1184 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1185 | Microseconds | 1186 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1188 Figure 3: POSIX-based Timestamp Format 1190 Timestamp field format: 1192 Seconds: specifies the integer portion of the number of seconds 1193 since the epoch. 1195 + Size: 32 bits. 1197 + Units: seconds. 1199 Microseconds: specifies the fractional portion of the number of 1200 seconds since the epoch. 1202 + Size: 32 bits. 1204 + Units: the unit is microseconds. The value of this field is in 1205 the range 0 to (10^6)-1. 1207 Epoch: 1209 The epoch is 1 January 1970 00:00:00 TAI, which is 31 December 1210 1969 23:59:51.999918 UTC. 1212 Resolution: 1214 The resolution is 1 microsecond. 1216 Wraparound: 1218 This time format wraps around every 2^32 seconds, which is roughly 1219 136 years. The next wraparound will occur in the year 2106. 1221 Synchronization Aspects: 1223 It is assumed that nodes that use this timestamp format run Linux 1224 operating system, and hence use the POSIX time. In some cases 1225 nodes may be synchronized to UTC using a synchronization mechanism 1226 that is outside the scope of this document, such as NTP [RFC5905]. 1227 Thus, the timestamp may be derived from the NTP-synchronized 1228 clock, allowing the timestamp to be measured with respect to the 1229 clock of an NTP server. 1231 The POSIX-based timestamp format is affected by leap seconds; it 1232 represents the number of seconds since the epoch minus the number 1233 of leap seconds that have occurred since the epoch. The value of 1234 a timestamp during or slightly after a leap second may be 1235 temporarily inaccurate. 1237 6. IOAM Data Export 1239 IOAM nodes collect information for packets traversing a domain that 1240 supports IOAM. IOAM decapsulating nodes as well as IOAM transit 1241 nodes can choose to retrieve IOAM information from the packet, 1242 process the information further and export the information using 1243 e.g., IPFIX. 1245 Raw data export of IOAM data using IPFIX is discussed in 1246 [I-D.spiegel-ippm-ioam-rawexport]. 1248 7. IANA Considerations 1250 This document requests the following IANA Actions. 1252 7.1. Creation of a new In-Situ OAM Protocol Parameters Registry (IOAM) 1253 Protocol Parameters IANA registry 1255 IANA is requested to create a new protocol registry for "In-Situ OAM 1256 (IOAM) Protocol Parameters". This is the common registry that will 1257 include registrations for all IOAM namespaces. Each Registry, whose 1258 names are listed below: 1260 IOAM Type 1262 IOAM Trace Type 1264 IOAM Trace flags 1266 IOAM POT Type 1268 IOAM POT flags 1270 IOAM E2E Type 1272 will contain the current set of possibilities defined in this 1273 document. New registries in this name space are created via RFC 1274 Required process as per [RFC8126]. 1276 The subsequent sub-sections detail the registries herein contained. 1278 7.2. IOAM Type Registry 1280 This registry defines 128 code points for the IOAM-Type field for 1281 identifying IOAM options as explained in Section 4. The following 1282 code points are defined in this draft: 1284 0 IOAM Pre-allocated Trace Option Type 1286 1 IOAM Incremental Trace Option Type 1288 2 IOAM POT Option Type 1290 3 IOAM E2E Option Type 1292 4 - 127 are available for assignment via RFC Required process as per 1293 [RFC8126]. 1295 7.3. IOAM Trace Type Registry 1297 This registry defines code point for each bit in the 16-bit IOAM- 1298 Trace-Type field for Pre-allocated trace option and Incremental trace 1299 option defined in Section 4.1. The meaning of Bit 0 - 11 for trace 1300 type are defined in this document in Paragraph 1 of (Section 4.1.1). 1301 The meaning for Bit 12 - 15 are available for assignment via RFC 1302 Required process as per [RFC8126]. 1304 7.4. IOAM Trace Flags Registry 1306 This registry defines code point for each bit in the 4 bit flags for 1307 Pre-allocated trace option and Incremental trace option defined in 1308 Section 4.1. The meaning of Bit 0 - 1 for trace flags are defined in 1309 this document in Paragraph 5 of Section 4.1.1. The meaning for Bit 2 1310 - 3 are available for assignment via RFC Required process as per 1311 [RFC8126]. 1313 7.5. IOAM POT Type Registry 1315 This registry defines 256 code points to define IOAM POT Type for 1316 IOAM proof of transit option Section 4.2. The code point value 0 is 1317 defined in this document, 1 - 255 are available for assignment via 1318 RFC Required process as per [RFC8126]. 1320 7.6. IOAM POT Flags Registry 1322 This registry defines code point for each bit in the 8 bit flags for 1323 IOAM POT option defined in Section 4.2. The meaning of Bit 0 for 1324 IOAM POT flags is defined in this document in Section 4.2. The 1325 meaning for Bit 1 - 7 are available for assignment via RFC Required 1326 process as per [RFC8126]. 1328 7.7. IOAM E2E Type Registry 1330 This registry defines code points for each bit in the 16 bit IOAM- 1331 E2E-Type field for IOAM E2E option Section 4.3. The meaning of Bit 0 1332 - 3 are defined in this document. The meaning of Bit 4 - 15 are 1333 available for assignments via RFC Required process as per [RFC8126]. 1335 8. Security Considerations 1337 As discussed in [RFC7276], a successful attack on an OAM protocol in 1338 general, and specifically on IOAM, can prevent the detection of 1339 failures or anomalies, or create a false illusion of nonexistent 1340 ones. 1342 The Proof of Transit option (Section Section 4.2) is used for 1343 verifying the path of data packets. The security considerations of 1344 POT are further discussed in [I-D.brockners-proof-of-transit]. 1346 The data elements of IOAM can be used for network reconnaissance, 1347 allowing attackers to collect information about network paths, 1348 performance, queue states, and other information. 1350 IOAM can be used as a means for implementing Denial of Service (DoS) 1351 attacks, or for amplifying them. For example, a malicious attacker 1352 can add an IOAM header to packets in order to consume the resources 1353 of network devices that take part in IOAM or collectors that analyze 1354 the IOAM data. Another example is a packet length attack, in which 1355 an attacker pushes IOAM headers into data packets, causing these 1356 packets to be increased beyond the MTU size, resulting in 1357 fragmentation or in packet drops. 1359 Since IOAM options may include timestamps, if network devices use 1360 synchronization protocols then any attack on the time protocol 1361 [RFC7384] can compromise the integrity of the timestamp-related data 1362 fields. 1364 At the management plane, attacks may be implemented by misconfiguring 1365 or by maliciously configuring IOAM-enabled nodes in a way that 1366 enables other attacks. Thus, IOAM configuration should be secured in 1367 a way that authenticates authorized users and verifies the integrity 1368 of configuration procedures. 1370 Notably, IOAM is expected to be deployed in specific network domains, 1371 thus confining the potential attack vectors to within the network 1372 domain. Indeed, in order to limit the scope of threats to within the 1373 current network domain the network operator is expected to enforce 1374 policies that prevent IOAM traffic from leaking outside of the IOAM 1375 domain, and prevent IOAM data from outside the domain to be processed 1376 and used within the domain. 1378 9. Acknowledgements 1380 The authors would like to thank Eric Vyncke, Nalini Elkins, Srihari 1381 Raghavan, Ranganathan T S, Karthik Babu Harichandra Babu, Akshaya 1382 Nadahalli, LJ Wobker, Erik Nordmark, Vengada Prasad Govindan, and 1383 Andrew Yourtchenko for the comments and advice. 1385 This document leverages and builds on top of several concepts 1386 described in [I-D.kitamura-ipv6-record-route]. The authors would 1387 like to acknowledge the work done by the author Hiroshi Kitamura and 1388 people involved in writing it. 1390 The authors would like to gracefully acknowledge useful review and 1391 insightful comments received from Joe Clarke, Al Morton, and Mickey 1392 Spiegel. 1394 10. References 1396 10.1. Normative References 1398 [IEEE1588v2] 1399 Institute of Electrical and Electronics Engineers, "IEEE 1400 Std 1588-2008 - IEEE Standard for a Precision Clock 1401 Synchronization Protocol for Networked Measurement and 1402 Control Systems", IEEE Std 1588-2008, 2008, 1403 . 1406 [POSIX] Institute of Electrical and Electronics Engineers, "IEEE 1407 Std 1003.1-2008 (Revision of IEEE Std 1003.1-2004) - IEEE 1408 Standard for Information Technology - Portable Operating 1409 System Interface (POSIX(R))", IEEE Std 1003.1-2008, 2008, 1410 . 1413 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1414 Requirement Levels", BCP 14, RFC 2119, 1415 DOI 10.17487/RFC2119, March 1997, . 1418 [RFC5905] Mills, D., Martin, J., Ed., Burbank, J., and W. Kasch, 1419 "Network Time Protocol Version 4: Protocol and Algorithms 1420 Specification", RFC 5905, DOI 10.17487/RFC5905, June 2010, 1421 . 1423 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 1424 Writing an IANA Considerations Section in RFCs", BCP 26, 1425 RFC 8126, DOI 10.17487/RFC8126, June 2017, 1426 . 1428 10.2. Informative References 1430 [I-D.brockners-proof-of-transit] 1431 Brockners, F., Bhandari, S., Dara, S., Pignataro, C., 1432 Leddy, J., Youell, S., Mozes, D., and T. Mizrahi, "Proof 1433 of Transit", draft-brockners-proof-of-transit-05 (work in 1434 progress), May 2018. 1436 [I-D.ietf-ntp-packet-timestamps] 1437 Mizrahi, T., Fabini, J., and A. Morton, "Guidelines for 1438 Defining Packet Timestamps", draft-ietf-ntp-packet- 1439 timestamps-02 (work in progress), June 2018. 1441 [I-D.ietf-nvo3-geneve] 1442 Gross, J., Ganga, I., and T. Sridhar, "Geneve: Generic 1443 Network Virtualization Encapsulation", draft-ietf- 1444 nvo3-geneve-06 (work in progress), March 2018. 1446 [I-D.ietf-nvo3-vxlan-gpe] 1447 Maino, F., Kreeger, L., and U. Elzur, "Generic Protocol 1448 Extension for VXLAN", draft-ietf-nvo3-vxlan-gpe-06 (work 1449 in progress), April 2018. 1451 [I-D.ietf-sfc-nsh] 1452 Quinn, P., Elzur, U., and C. Pignataro, "Network Service 1453 Header (NSH)", draft-ietf-sfc-nsh-28 (work in progress), 1454 November 2017. 1456 [I-D.kitamura-ipv6-record-route] 1457 Kitamura, H., "Record Route for IPv6 (PR6) Hop-by-Hop 1458 Option Extension", draft-kitamura-ipv6-record-route-00 1459 (work in progress), November 2000. 1461 [I-D.lapukhov-dataplane-probe] 1462 Lapukhov, P. and r. remy@barefootnetworks.com, "Data-plane 1463 probe for in-band telemetry collection", draft-lapukhov- 1464 dataplane-probe-01 (work in progress), June 2016. 1466 [I-D.spiegel-ippm-ioam-rawexport] 1467 Spiegel, M., Brockners, F., Bhandari, S., and R. 1468 Sivakolundu, "In-situ OAM raw data export with IPFIX", 1469 draft-spiegel-ippm-ioam-rawexport-00 (work in progress), 1470 March 2018. 1472 [RFC7276] Mizrahi, T., Sprecher, N., Bellagamba, E., and Y. 1473 Weingarten, "An Overview of Operations, Administration, 1474 and Maintenance (OAM) Tools", RFC 7276, 1475 DOI 10.17487/RFC7276, June 2014, . 1478 [RFC7384] Mizrahi, T., "Security Requirements of Time Protocols in 1479 Packet Switched Networks", RFC 7384, DOI 10.17487/RFC7384, 1480 October 2014, . 1482 [RFC7665] Halpern, J., Ed. and C. Pignataro, Ed., "Service Function 1483 Chaining (SFC) Architecture", RFC 7665, 1484 DOI 10.17487/RFC7665, October 2015, . 1487 [RFC7799] Morton, A., "Active and Passive Metrics and Methods (with 1488 Hybrid Types In-Between)", RFC 7799, DOI 10.17487/RFC7799, 1489 May 2016, . 1491 [RFC7820] Mizrahi, T., "UDP Checksum Complement in the One-Way 1492 Active Measurement Protocol (OWAMP) and Two-Way Active 1493 Measurement Protocol (TWAMP)", RFC 7820, 1494 DOI 10.17487/RFC7820, March 2016, . 1497 [RFC7821] Mizrahi, T., "UDP Checksum Complement in the Network Time 1498 Protocol (NTP)", RFC 7821, DOI 10.17487/RFC7821, March 1499 2016, . 1501 Authors' Addresses 1503 Frank Brockners 1504 Cisco Systems, Inc. 1505 Hansaallee 249, 3rd Floor 1506 DUESSELDORF, NORDRHEIN-WESTFALEN 40549 1507 Germany 1509 Email: fbrockne@cisco.com 1511 Shwetha Bhandari 1512 Cisco Systems, Inc. 1513 Cessna Business Park, Sarjapura Marathalli Outer Ring Road 1514 Bangalore, KARNATAKA 560 087 1515 India 1517 Email: shwethab@cisco.com 1519 Carlos Pignataro 1520 Cisco Systems, Inc. 1521 7200-11 Kit Creek Road 1522 Research Triangle Park, NC 27709 1523 United States 1525 Email: cpignata@cisco.com 1526 Hannes Gredler 1527 RtBrick Inc. 1529 Email: hannes@rtbrick.com 1531 John Leddy 1532 Comcast 1533 United States 1535 Email: John_Leddy@cable.comcast.com 1537 Stephen Youell 1538 JP Morgan Chase 1539 25 Bank Street 1540 London E14 5JP 1541 United Kingdom 1543 Email: stephen.youell@jpmorgan.com 1545 Tal Mizrahi 1546 Marvell 1547 6 Hamada St. 1548 Yokneam 2066721 1549 Israel 1551 Email: talmi@marvell.com 1553 David Mozes 1555 Email: mosesster@gmail.com 1557 Petr Lapukhov 1558 Facebook 1559 1 Hacker Way 1560 Menlo Park, CA 94025 1561 US 1563 Email: petr@fb.com 1564 Remy Chang 1565 Barefoot Networks 1566 4750 Patrick Henry Drive 1567 Santa Clara, CA 95054 1568 US 1570 Daniel Bernier 1571 Bell Canada 1572 Canada 1574 Email: daniel.bernier@bell.ca 1576 John Lemon 1577 Broadcom 1578 270 Innovation Drive 1579 San Jose, CA 95134 1580 US 1582 Email: john.lemon@broadcom.com